| Age | Commit message (Collapse) | Author | 
|---|
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  |  | 
|  | This adds capabilities for start-stop-daemon by adding --capabilities
option. As a result, the user can specify the inheritable, ambient and
bounding set by define capabilities in the service script.
This fixes #314. | 
|  | This commit adds a new --oom-score-adj option to start-stop-daemon and
supervise-daemon, as well as an equivalent SSD_OOM_SCORE_ADJ environment
variable. If either of these are specified (with the command-line
option taking precedence), then the specified adjustment value is
written to /proc/self/oom_score_adj after forking but prior to exec'ing
the daemon (at the time when nice and ionice are applied).
Additionally, per a suggestion by Mike Frysinger, the suggested values
for the SSD_NICELEVEL, SSD_IONICELEVEL, and SSD_OOM_SCORE_ADJ variables
in the example config file are now given as zeros, which are the
kernel's default values of these process knobs for the init process at
boot. Note that uncommenting any of these zero-valued suggestions will
cause SSD/SD to set the corresponding process knob affirmatively to
zero, whereas leaving the variable unset (and the equivalent command-
line option unspecified) means SSD/SD will not change the corresponding
process knob from its inherited value.
See: https://github.com/OpenRC/openrc/pull/435#discussion_r688310672
This fixes #435. | 
|  |  | 
|  | Newer gcc reports:
broadcast.c: In function 'broadcast':
broadcast.c:132:15: warning: variable 'tp' might be clobbered by 'longjmp' or 'vfork' [-Wclobbered]
  132 |         FILE *tp;
Move the storage off the stack to avoid.  This makes the function
not safe for multithread use, but we don't do that anywhere, so
who cares! | 
|  | There are no semantic changes in this commit.
Suggested-by: Mike Frysinger <vapier@gentoo.org>
See: https://github.com/OpenRC/openrc/pull/435#pullrequestreview-727035394 | 
|  | This fixes #254. | 
|  | This makes the URIs shorter and dynamic: whatever the default branch
the repo uses will be used. | 
|  | The existing copyright notices in the file headers cover these vars. | 
|  | Make this a const pointer to the storage directly instead of a pointer
variable that points to the storage.  Makes the code slightly smaller. | 
|  |  | 
|  | Currently the ping loop instantly times out because timeout is decremented by 1 without actually going to sleep.
This fixes #480. | 
|  | This fixes #484.
This fixes #483. | 
|  | This allows containers using OpenRC based services to be configured to
allow open tcp connections to be closed before they are shut down.
This fixes #476. | 
|  | I can't think of a reason to do this since these scripts are just
examples.
This is for #474. | 
|  | This requires at leaste meson 0.53.0 since it uses the fs module.
This is for #474. | 
|  | Much like PAM, not all implementations of libcrypt provide a pkg-config
file, and hence we can't find it using the old logic.
Let's fall back to the standard AC_SEARCH_LIBS-style check if the pkg-config-style
detection fails.
This fixes finding e.g. musl's libcrypt.
X-Gentoo-Bug: 827074
X-Gentoo-Bug-URL: https://bugs.gentoo.org/827074 | 
|  | It's only a char* and has been deprecated upstream [0].
[0] https://github.com/SELinuxProject/selinux/commit/7a124ca27581
Fixes: #478 | 
|  | We only need libcrypt if we're building _with_ SELinux and
_without_ PAM. We don't use libcrypt for general SELinux
with PAM.
This is mostly a correctness change as libcrypt should
generally be available (as opposed to the previous
change which fixed some real-world cases).
Fixes: f3f0fde861b438c80f99afdd49fe175e9d0a68ca
Fixes: #478 | 
|  | We use libcrypt's crypt() if we're _not_ using PAM
in the SELinux code (rc-selinux, specifically).
X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/openrc/openrc/pull/477 | 
|  | X-Gentoo-Bug: 824954
X-Gentoo-Bug-URL: https://bugs.gentoo.org/824954
Fixes: https://github.com/OpenRC/openrc/issues/470
Fixes: https://github.com/OpenRC/openrc/pull/477 | 
|  | Fixes: #471
Fixes: #473 | 
|  | Fixes: #471
Fixes: #473 | 
|  | Clang was failing with:
```
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:70:2: error: suspicious concatenation of string literals in an array initialization; did you mean to separate the elements with a comma? [-Werror,-Wstring-concatenation]
        "when leaving single user or boot runlevels",
        ^
/zroot/jenkins/workspace/update_ghsotbsd-13_poudriere_jail/sbin/openrc/../../contrib/openrc/src/rc/rc.c:69:2: note: place parentheses around the string literal to silence warning
        "override the next runlevel to change into\n"
        ^
```
This fixes #469. | 
|  | X-Gentoo-Bug: 821520
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821520 | 
|  | Set the HAVE_PAM option if the dependency is found *and* pam is
requested.
X-Gentoo-Bug: 821211
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=821211 | 
|  |  | 
|  | The old code is moved to a cgroup_fallback_cleanup function and only
 called if cgroup2_kill fails.
 This fixes #454. | 
|  | While the s6-svscan runscript belongs to OpenRC, the user is required to
install s6 before it can actually be used, potentially leading to
confusion. Check for the existence of $command in start_pre and, if it does not
exist, bail out with an error that makes this observation.
X-Gentoo-Bug: 816978
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=816978 | 
|  | This fixes #466. | 
|  | This github action runs a build on each of the following platforms on a
push or pull request.
- Ubuntu LTS with gcc and glibc
- Ubuntu LTS with clang and glibc
- Alpine with gcc and musl
This fixes #463. | 
|  |  | 
|  |  | 
|  |  | 
|  | Some distros are still using versions of pam which do not create
*.pc files, so we need fallback logic for that situation. | 
|  | strlen's return value isn't enough to be used
directly for (x)malloc; it doesn't include
the null byte at the end of the string.
X-Gentoo-Bug: 816900
X-Gentoo-Bug-URL: https://bugs.gentoo.org/816900
Fixes: #459
Fixes: #462 | 
|  |  | 
|  | Pam generates pkgconfig files now, so meson can use them to find the pam
dependencies. | 
|  |  | 
|  | This fixes #438. | 
|  |  | 
|  |  | 
|  | This fixes #320. | 
|  | The script tries to copy non-existing files. We simply hide the error
http://bugs.alpinelinux.org/issues/3160
This fixes #451. | 
|  | The original service that pulled in root remount was mtab which
is not part of OpenRC.
This fixes #449. | 
|  | Currently, we run sv start immediately after linking the service.
The runsv process may not be up at the moment, as a result of which
openrc will mark the service as stopped, even though it may be brought up
by runit at the next scan.
This is documented in the gentoo wiki:
https://wiki.gentoo.org/wiki/Runit#OpenRC.27s_runit_integration_feature
This PR adds a timeout so that correct process state can be reported.
Before:
 * Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
 * Failed to start netdata-runit
After:
 * Starting netdata-runit ...
fail: /run/openrc/sv/netdata: runsv not running
ok: run: /run/openrc/sv/netdata: (pid 9042) 0s
This fixes #253. |